Reduce the cybersecurity and risk burden with LastPass, using modern password management techniques to take back productivity while ramping up organisational defences.

Instead of merely adapting to growing password access burdens, organisations can look to further reduce unnecessary manual processing.

LastPass supports:

  • Safe password sharing across a workforce.
  • Federated integration capabilities.
  • Easy-to-use interface assisting improved password hygiene.
  • Generation of lengthy and robust credentials, changed regularly.
  • Customisation of access permissions.
  • Streamlined accessibility and team safety.


REDUCE RISK, USE FEWER PASSWORDS

The ultimate goal in password management is to further reduce possible attack surfaces by reducing or even eliminating use of passwords. That's because it's hard to completely eradicate weak practice around password use - anyone can be vulnerable to psychological manipulation, or social engineering based risks like sophisticated smishing, phishing, vishing and the like.

Social engineering attacks manipulate people into revealing information they shouldn’t or making other mistakes - and the risk expands with generative AI use.

LastPass polling  suggests many organisations may benefit from better approaches.

  • 95% of survey respondents said social engineering attacks have become more sophisticated in general - the grammar and spelling has improved, for instance.
  • 52.5% report social engineering attacks using more dynamic content in emails, making it harder to detect phishing attempts.
  • 45.7% said they believe social engineering attacks are more directly targeting individuals.





HOW ARE CUSTOMERS PROTECTED TODAY?

Of course, all organisations should ensure that anyone using company systems knows to verify messages are from legitimate business contacts, as well as being careful with - for example - attachments, unfamiliar multi-factor authentication (MFA) prompts, or requests to respond with a high level of urgency.

LastPass has found that 70.47% of respondents test their staff's abilities around recognising and dealing with phishing attacks and 52.00% use externally generated phish email testing from partners.

However, only 30.99% said they do any smishing or vishing testing, and a mere 0.52% indicate that they're taking any other action in this area.


MANY MAY ASSUME THEY'RE SAFE

LastPass revealed that 88% indicate they're confident when it comes to their phishing test programmes - yet perceptions may not match reality.

Interestingly for channel partners, few users in these programmes actually report suspicious activity. Given the prevalence of social engineering attacks, this might be cause for concern.

  • Only 16% of users report 75-100% of suspicious activity within their phishing test programme - download the full report here.
  • More sophisticated social engineering attacks mean employees and employers must be active participants in the fight.


MANAGE ACCESS WITH SAFETY

Password managers can help, but only 61% of respondents in the LastPass survey were already using these.

At the same time, preventing user credential exposure hinges on behaviour. That means using fewer passwords overall and adopting non-phishable passkeys instead can be a key pillar in an effective defence framework - and organisations do recognise this:

  • 86% of organisations surveyed said they plan to reduce password use within two years.
  • 78% of respondents agreed that passkeys can help reduce social engineering threat.
  • Some 80% of data breaches may be due to weak, reused, or stolen credentials.


LASTPASS'S PERVASIVE PASSWORD MANAGEMENT

Organisations can prepare for a password-free future by moving to pervasive password management as offered by LastPass, reducing both the need for 'password hygiene' and reliance on human behaviour.

  • Manage passwords from one place.
  • Protect sensitive data from one hub.
  • Share passwords simply and safely.
  • Collaborate confidently in the cloud.
  • Sidestep bandwidth and storage issues.
  • Shape user behaviours with LastPass policies and reports.
  • Trace leaks and increase individual accountability.
  • Users retain their own storage, transparent to admin oversight.
  • Benefit from a zero-knowledge security model.
  • Go password-less when ready with authenticator approaches.


Check out these  customer case studies  from LastPass.


And when you're ready, the QBS team is always here to help and answer further questions as they emerge.


Email QBS at: [email protected] 
Telephone QBS on: +44(0) 20 8733 7100





( Photo by Kenny Eliason on Unsplash )